<?php
// Project helper and session files; every function called on this page
// (ensure_logged_in, generate_header, connect_db, redirect_to, ...) is defined
// outside this file.
include("../includes/functions.php");
require("../includes/session.php");
// Access gate for the member area. It has to stay ahead of generate_header()
// and of all markup below so that nothing is rendered before the check.
// NOTE(review): presumably this redirects and halts for visitors who are not
// logged-in members - confirm in the helper.
ensure_logged_in("member");
generate_header("member", "Member Main Page");
// NOTE(review): presumably opens the connection used by the mysql_* calls
// further down the page - confirm in the helper.
connect_db();
?>
<div id="single_main_block">
  
  
  <?php
  // Select the page section from the query string. The literal string 'NULL'
  // (not PHP null) is the marker for "no action requested".
  $action = isset($_GET['action']) ? $_GET['action'] : 'NULL';
?>

  
<?php	// Forms Processing
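// Form processing. Runs only when a form was POSTed with its "submit" field
// and dispatches on $action. Every outcome is reported by redirecting back to
// member.php with a numeric "arg" code.
//
// NOTE(review): neither handler verifies an anti-CSRF token, so a cross-site
// POST sent with a logged-in member's cookies would be processed. Add a
// per-session token to both forms and check it here.
// NOTE(review): generate_header() has already run by this point; if
// redirect_to() sends a Location header it depends on output buffering -
// confirm, and confirm that it stops the script after redirecting.
if(!isset($_POST['submit'])){
  // No form was submitted: nothing to process.
}
else if($action == "NULL"){	//default
  // A POST without an action is ignored.
}
else if($action == "transfer"){ // deal with transfer forms
  // This handler issues no SQL of its own. A hard-coded
  // DELETE FROM User WHERE UserID="abcd" used to execute here on every
  // submission, before any validation; it has no part in a transfer and
  // has been removed.

  // Missing fields become '' so they fail validation instead of raising notices.
  $rawamount = isset($_POST["transferamount"]) ? $_POST["transferamount"] : '';
  $fromaccount = isset($_POST["fromaccount"]) ? $_POST["fromaccount"] : '';
  $toaccount = isset($_POST["toaccount"]) ? $_POST["toaccount"] : '';

  // Validate the raw request values before converting anything: intval() on
  // an array yields 1 and on "10abc" yields 10, which would otherwise pass as
  // a valid amount. The dropdown placeholders ("choosefrom"/"chooseto") are
  // non-numeric, so is_numeric() rejects them as well.
  $fieldsvalid = is_string($rawamount) && is_string($fromaccount) && is_string($toaccount)
    && is_numeric($rawamount) && is_numeric($fromaccount) && is_numeric($toaccount);
  // Amounts are handled as whole numbers; a fractional part is truncated.
  $transferamount = $fieldsvalid ? intval($rawamount) : 0;

  if(!$fieldsvalid || empty($transferamount) || empty($toaccount) || empty($fromaccount)){
    // if they failed to fill in all FORMS PROPERLY
    redirect_to("member.php?action=transfer&arg=-7");
  }
  else if(!is_existing_account($fromaccount) || !is_existing_account($toaccount)){
    // either account doesn't exist
    redirect_to("member.php?action=transfer&arg=-6");
  }
  else if($transferamount <= 0){
    redirect_to("member.php?action=transfer&arg=-5");
  }
  else{
    // Authorisation: money may only leave an account that belongs to the
    // logged-in member. is_existing_account() only proves that the number
    // exists, and the posted value is not limited to what the form offered.
    $ownsfromaccount = false;
    $ownedaccounts = get_user_accounts($_SESSION['user_id']);
    while($ownedaccounts && ($ownedaccount = mysql_fetch_array($ownedaccounts))){
      if($ownedaccount["AccountNumber"] == $fromaccount){
        $ownsfromaccount = true;
        // Continue with the stored account number, not the request value.
        $fromaccount = $ownedaccount["AccountNumber"];
        break;
      }
    }

    if(!$ownsfromaccount){
      // Same code as "account does not exist", so the response does not
      // reveal whether somebody else's account number is valid.
      redirect_to("member.php?action=transfer&arg=-6");
    }
    else{
      // NOTE(review): the form only offers the member's own open accounts as
      // destination; confirm whether transfer() enforces that for $toaccount
      // and rejects closed accounts.
      $result = transfer($transferamount,$fromaccount,$toaccount);
      if($result == 1){
        $result = 2;	// transfer() result 1 is reported to the page as code 2
      }
      redirect_to("member.php?action=transfer&arg={$result}");
    }
  }
}

else if($action == "cuap"){	// change user account password
  // first get all postdata; missing fields become '' and fail the check below
  $userid = isset($_POST["userid"]) ? $_POST["userid"] : '';
  $userpass = isset($_POST["olduserpass"]) ? $_POST["olduserpass"] : '';
  $newuserpassone = isset($_POST["newuserpassone"]) ? $_POST["newuserpassone"] : '';
  $newuserpasstwo = isset($_POST["newuserpasstwo"]) ? $_POST["newuserpasstwo"] : '';

  // NOTE(review): the account to change comes from the form, not from the
  // session, so this endpoint accepts credentials for any user id. Consider
  // binding it to the logged-in member and throttling failed attempts -
  // confirm how $_SESSION['user_id'] relates to this "userid" field.
  if(!is_string($userid) || !is_string($userpass) || !is_string($newuserpassone) || !is_string($newuserpasstwo)
     || empty($userid) || empty($userpass) || empty($newuserpassone) || empty($newuserpasstwo)){
    // if they failed to fill in all mandatory fields
    redirect_to("member.php?action=cuap&arg=-7");
  }
  else if(!is_existing_user($userid,"","", false)){ //If user does not exist
    // Reported with the same code as a wrong password (below).
    redirect_to("member.php?action=cuap&arg=-3");
  }
  else if(!passwords_match($newuserpassone, $newuserpasstwo)){ //Check if passwords match
    redirect_to("member.php?action=cuap&arg=-2");
  }
  else if(!authenticate_user($userid, $userpass)){ //Check if given existing password is correct
    redirect_to("member.php?action=cuap&arg=-3");
  }
  else{ //Change passwords
    change_password($newuserpassone, $userid);
    redirect_to("member.php?action=cuap&arg=1");
  }
}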
?>
  
<!--******************************//-->
<!--******************************//-->
<!--******************************//-->
<!--******************************//-->
<!--******************************//-->
<!--******************************//-->

<?php	// Forms

// Project helper, defined outside this file. NOTE(review): presumably prints
// the message that belongs to the "arg" code set by the redirects - confirm.
member_argumenthandler();

// Generic validation-failure flag carried in the query string.
$fieldswereblank = isset($_GET['isblank']);
if ($fieldswereblank) {
  print '<strong>Failure: All fields must be filled with valid data!</strong>';
}


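// Page body: renders the section selected by $action. An unrecognised action
// renders nothing. Every value that comes from the database or the request is
// HTML-escaped before it is written into the page.
if($action == 'NULL'){	//default
  echo '<h2>Welcome to Member Account</h2>
	<p>Please click on a link above!</p>  ';
}

else if($action == "history"){ // recent transactions of one of the member's accounts
  echo '	<h2>Account Transactions</h2>';

  // Authorisation: acctnum comes straight from the URL, so it is accepted
  // only when it is numeric and matches an account of the logged-in member.
  // Any other value gets the same message as a missing parameter, so the
  // page does not reveal whether somebody else's account number exists.
  $acctnum = isset($_GET['acctnum']) ? $_GET['acctnum'] : null;
  $ownsaccount = false;
  if(is_string($acctnum) && is_numeric($acctnum)){
    $ownedaccounts = get_user_accounts($_SESSION['user_id']);
    while($ownedaccounts && ($ownedaccount = mysql_fetch_array($ownedaccounts))){
      if($ownedaccount["AccountNumber"] == $acctnum){
        $ownsaccount = true;
        // Query with the stored account number, not the request value.
        $acctnum = $ownedaccount["AccountNumber"];
        break;
      }
    }
  }

  if(!$ownsaccount){
    echo '<strong>FAILURE: No account selected!</strong>';
  }
  else{
    $ARRAY = get_transactions_foraccount($acctnum);	// mysql result resource
    if (mysql_num_rows($ARRAY) <= 0) {	//if there are no transactions
      echo '	<strong>No recent transactions</strong>';
    }
    else{
      echo '	<table border="1" border-width="0" style="width: 100%;">
					<tr>
						<th>Date</th>
						<th>Transaction ID</th>
						<th>Credit</th>
						<th>Debit</th>
					</tr>';
      // At most the first ten rows are shown.
      $shown = 0;
      while($shown < 10 && ($transaction = mysql_fetch_array($ARRAY))){
        $shown++;
        $transid = htmlspecialchars($transaction['TransID'], ENT_QUOTES, 'UTF-8');
        $date = htmlspecialchars($transaction['TransactionDate'], ENT_QUOTES, 'UTF-8');
        $amount = htmlspecialchars($transaction['TransAmount'], ENT_QUOTES, 'UTF-8');
        echo "	<tr>
						<td>{$date}</td>
						<td>{$transid}</td>";
        // Credits go in the third column, everything else in the fourth.
        if($transaction['TransType'] == "Credit"){
          echo '<td>$' . $amount . '</td><td></td>';
        }
        else{
          echo '<td></td><td>$' . $amount . '</td>';
        }
        echo '				</tr>';
      }
      echo '	</table>';
    }
  }
}

else if($action == "acctlist"){ // list the accounts
  echo '	<h2>Account Listing</h2>';
  $ARRAY = get_user_accounts($_SESSION['user_id']);	// mysql result resource
  if (mysql_num_rows($ARRAY) <= 0) {	//if user has no accounts
    echo '<strong>You have no accounts.</strong>';
  }
  else {
    echo '	<table cellspacing="10">
				<tr>
					<th>Account Number</th>
					<th>Account Type</th>
					<th>Account Balance</th>
                                        <th>Account Status</th>
			 	</tr>';
    while($account = mysql_fetch_array($ARRAY)){
      $accountnum = htmlspecialchars($account["AccountNumber"], ENT_QUOTES, 'UTF-8');
      $accounttype = htmlspecialchars($account["TypeID"], ENT_QUOTES, 'UTF-8');
      $accountbal = htmlspecialchars($account["Balance"], ENT_QUOTES, 'UTF-8');
      $accountstat = htmlspecialchars(ucfirst($account["AccountStatus"]), ENT_QUOTES, 'UTF-8');
      // One "open" test for both links, the same one the transfer form uses
      // (accepts "open" and "Open").
      $isopen = (ucfirst($account["AccountStatus"]) == "Open");
      // URL-encode the parameter, then escape the whole URL for the attribute.
      $historyhref = htmlspecialchars(
        "member.php?action=history&acctnum=" . urlencode($account["AccountNumber"]),
        ENT_QUOTES,
        'UTF-8'
      );

      echo "	<tr>";
      if($isopen){
        echo " <td><a href=\"{$historyhref}\">{$accountnum}</a></td>";
      }
      else{
        echo " <td>{$accountnum}</td>";
      }
      echo "
				<td>{$accounttype}</td>
				<td>\${$accountbal}</td>
                                <td>{$accountstat}</td>";
      if($isopen){
        echo " <td><a href=\"{$historyhref}\">View Recent Transaction</a></td>";
      }
      echo "	        	</tr>";
    }
    echo '	</table>';
  }
}

else if($action == "transfer"){ // transfer the moneys
  // The "isblank" failure message is printed once, just above this chain;
  // it is not repeated here.
  $ARRAY = get_user_accounts($_SESSION['user_id']);	// mysql result resource
  if (mysql_num_rows($ARRAY) <= 1) {	//if user has less than two accounts
    echo '<strong>You must have more than one account in order to transfer between them.</strong>';
  }
  else{	//user has enough accounts to make a transfer
    // Both dropdowns offer the same open accounts, so the option list is
    // built once and written twice. Attribute values are quoted and escaped.
    $accountoptions = '';
    while($account = mysql_fetch_array($ARRAY)){
      if(ucfirst($account["AccountStatus"]) == "Open"){
        $optionvalue = htmlspecialchars($account["AccountNumber"], ENT_QUOTES, 'UTF-8');
        $optiontype = htmlspecialchars($account["TypeID"], ENT_QUOTES, 'UTF-8');
        $accountoptions .= "<option value=\"{$optionvalue}\">#{$optionvalue} {$optiontype}</option>";
      }
    }

    // NOTE(review): this form carries no anti-CSRF token; add a hidden
    // per-session token here and verify it in the POST handler.
    echo "	<h2>Member Account Transfer</h2>
			<form action=\"member.php?action=transfer\" method=\"post\">

			<h3>Transfer Amount:</h3>
			<input type=\"text\" name=\"transferamount\" />			
			<h3>FROM Account: </h3>
			<select name=\"fromaccount\">
			<option value=\"choosefrom\">Select Account...</option>";
    echo $accountoptions;
    echo	"</select>
		  <h3>TO Account: </h3>
		 <select name=\"toaccount\">
		   <option value=\"chooseto\">Select Account...</option>";
    echo $accountoptions;
    echo	"</select>
		<input type=\"submit\" value=\"Submit\" name=\"submit\" />
		  </form>";
  }
}
else if($action == "cuap"){ // change user account password
  // NOTE(review): this form carries no anti-CSRF token either; see the
  // transfer form above.
  echo "
	<form action=\"member.php?action=cuap\" method=\"post\">

	  <h5>Account Information</h5>
	  <div style=\"border:solid 1px;\">
	    User ID: <input type=\"text\" name=\"userid\" /><br />
	    Old Password: <input type=\"password\" name=\"olduserpass\" /><br />
	    New Password: <input type=\"password\" name=\"newuserpassone\" /><br />
	    Confirm New Password: <input type=\"password\" name=\"newuserpasstwo\" /><br />
	  </div>

	  <br/>
	  <input type=\"submit\" value=\"Submit\" name=\"submit\"/>
	</form>
	";
}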
?>
   
</div>
<?php
include("../includes/footer.php");
?>
